<?php
// Bootstrap prologue: runtime limits, error reporting, base directory, session.
// Lifts the execution time limit for this request.
// NOTE(review): a stuck or very slow request then holds its worker indefinitely; consider
// lifting the limit only in the long-running scripts that need it.
set_time_limit(0); 
// Report everything except notices.
// NOTE(review): with notices hidden, reads of variables that were never assigned go
// unreported. This file reads $row and $hasP without assigning them first.
error_reporting(E_ALL & ~E_NOTICE);
// Directory of this file; every include below is resolved relative to it.
$incDir = dirname(__FILE__);
// Cache the magic_quotes_gpc setting that daddslashes() consults. This line is optional,
// because daddslashes() defines the constant itself when it is missing.
// get_magic_quotes_gpc() always returns false from PHP 5.4 on and is removed in PHP 8.
define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
// NOTE(review): session cookie flags (HttpOnly, Secure, SameSite) are not set here and
// depend on configuration outside this file; confirm them for this admin area.
session_start();

// Float timestamp taken at bootstrap; presumably used for page timing elsewhere.
$time_start = microtime(1);
include_once($incDir."/../conf/conf.php");
include_once($incDir."/Cache.php");
//include($incDir."/dbInfo.php");
include_once($incDir."/Function.php");
include_once($incDir."/Mysql.php");

include_once($incDir."/Object.php");
include_once($incDir."/Template.php");
include_once($incDir."/Field.php");
include_once($incDir."/Mould.php");
include_once($incDir."/Admin.php");
include_once($incDir."/ActionLog.php");

include_once($incDir . '/../includes/task_common.php');

//新模板增加
include_once($incDir."/new_template_js_function.php");


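// Audit trail: record every POST body handled by a page that includes this bootstrap.
if($_POST)
{
	// $currAdmin is only created further down this file, so the original interpolation of
	// $currAdmin->AID normally logged an empty administrator id. Use $currAdmin when an
	// include has already provided it, otherwise fall back to the session's AID.
	$_logAid = '';
	if(isset($currAdmin) && is_object($currAdmin))
	{
		$_logAid = $currAdmin->AID;
	}
	elseif(isset($_SESSION['AID']))
	{
		$_logAid = $_SESSION['AID'];
	}

	// NOTE(review): serialize($_POST) stores every submitted field verbatim, so passwords
	// and tokens posted to any page using this bootstrap end up in the action log. Confirm
	// who can read that log, or redact sensitive fields before writing.
	// NOTE(review): the record is tab-delimited and the payload is attacker-influenced;
	// confirm ActionLog stores it so that embedded tabs/newlines cannot forge entries.
	// The @ keeps logging best-effort, as in the original: a logging failure must not
	// abort the request.
	@new ActionLog(array("LogType"=>"postlog","Action"=>"|||||\t". serialize($_POST) ."\t|||||\t{$_logAid}"));
}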
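if(!function_exists("daddslashes"))
{

/**
 * Recursively apply addslashes() to a value unless magic quotes already did so.
 *
 * Arrays are walked recursively; only the values are escaped, the keys are left as-is.
 *
 * NOTE(review): addslashes() is byte-wise quoting, not SQL escaping. It is not a
 * substitute for parameterised queries or the database driver's own escaping, and it can
 * be bypassed with some multibyte connection charsets. The charset behind DB_CHARSET is
 * not visible here, so confirm it.
 *
 * @param mixed $string A scalar or a (nested) array of values to escape.
 * @param mixed $force  When truthy, escape even if MAGIC_QUOTES_GPC is on.
 * @return mixed The escaped value, with the same array structure as the input.
 */
function daddslashes($string, $force = 0) 
{
	if(!defined('MAGIC_QUOTES_GPC'))
	{
		// get_magic_quotes_gpc() is removed in PHP 8; calling it unguarded is a fatal
		// error there. Magic quotes no longer exist on such versions, so treat them as off.
		define('MAGIC_QUOTES_GPC', function_exists('get_magic_quotes_gpc') ? get_magic_quotes_gpc() : false);
	}

	// Input is already quoted by PHP and the caller did not force a second pass.
	if(MAGIC_QUOTES_GPC && !$force)
	{
		return $string;
	}

	if(!is_array($string))
	{
		return addslashes($string);
	}

	foreach($string as $key => $val)
	{
		$string[$key] = daddslashes($val, $force);
	}
	return $string;
}
}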
// Call alert("CopyRight") when the LJF_CPRT constant stringifies to an empty string.
if("" == "".LJF_CPRT."")
{
	alert("CopyRight");
}

// Shared database handle used by the rest of the application.
// The port is fixed to '3306'; the other connection settings come from constants.
$db = new Mysql(
	DB_HOST,
	'3306',
	DB_USER,
	DB_PASS,
	DB_DATABASE,
	DB_CHARSET,
	0,
	true
);

//$zoshow_db = new Mysql(ZOSHOW_DB_HOST,'3306', ZOSHOW_DB_USER, ZOSHOW_DB_PASS,ZOSHOW_DB_DATABASE,ZOSHOW_DB_CHARSET,0,true);

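// Emulates register_globals: each key of $_SESSION, $_COOKIE, $_POST, $_GET and $_REQUEST
// becomes a global variable of the same name, passed through daddslashes(). Sources are
// applied in that order, so a later source overwrites a variable set by an earlier one.
//
// Without a guard, a request parameter could replace globals this bootstrap has already
// set (for example the $db handle), or pre-seed the authorisation state it computes later.
// Those names are therefore never imported from request or session data.
//
// NOTE(review): this only protects the variables this file owns. Cookie, POST and GET
// values still override variables imported from the session, and any page variable that
// is read before being assigned can be supplied by the client. $row, which this file
// passes to the Admin constructor without assigning it, is one such variable. Prefer
// reading the superglobals explicitly in new code.
// NOTE(review): daddslashes() is not SQL escaping; values imported here still need
// driver-level escaping or bound parameters before they reach a query.
$_protected = array('GLOBALS', 'this', 'db', 'incDir', 'time_start', 'currAdmin', 'hasP', 'ACPowers', 'ATPowers');
foreach(array('_SESSION', '_COOKIE', '_POST', '_GET', '_REQUEST') as $_request) 
{
	// $_SESSION may be absent or not an array if the session failed to start.
	if(!isset($$_request) || !is_array($$_request))
	{
		continue;
	}
	foreach($$_request as $_key => $_value) 
	{
		// Keys may be integers; normalise so the first-character test is well defined.
		// $_key[0] replaces the $_key{0} form, which newer PHP versions reject.
		$_key = (string) $_key;
		if($_key === '' || $_key[0] === '_' || in_array($_key, $_protected, true))
		{
			continue;
		}
		$$_key = daddslashes($_value);
	}
}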


/*
$f = new Field();
echo $f->explainSql("select {页面标题},{看新品列表ID} from {首页} where {热品列表ID}='' order by {时尚焦点图链接} desc");
exit;
*/
//if(!ereg('preview\.php',$_SERVER['SCRIPT_NAME']) && !ereg('inc/editor',$_SERVER['PHP_SELF']) && !ereg("login\.php",$_SERVER['SCRIPT_NAME']) && !ereg("process\.php",$_SERVER['SCRIPT_NAME']) && !($_REQUEST['action'] == 'pub' && eregi("docList_[0-9]+\.php$",$_SERVER['SCRIPT_FILENAME'])))
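// Session and permission gate for every script except the login page.
// preg_match()/str_replace() replace the ereg family, which was removed in PHP 7; the
// patterns and matching behaviour are unchanged.
// NOTE(review): the pattern is unanchored, so any script whose SCRIPT_NAME merely contains
// "login.php" skips this whole gate. Confirm no other such script exists, or compare
// basename($_SERVER['SCRIPT_NAME']) with 'login.php' instead.
if( !preg_match('/login\.php/', $_SERVER['SCRIPT_NAME']) ){
        // Fail closed: start from "no permission". The global-import loop earlier in this
        // file could otherwise leave a client-supplied value in $hasP.
        $hasP = false;

        if(empty($_SESSION["AID"]) || $_SESSION["AID"] == 0)
        {
        	alert("您没有登录，请登录","location",ROOT_URL.'login.php');
        	// alert() is defined outside this file. Stop here explicitly so that an
        	// unauthenticated request cannot fall through if alert() returns.
        	exit;
        }

        // NOTE(review): $row is not assigned anywhere in this file. With the global-import
        // loop above, it can originate from request data; confirm what Admin's constructor
        // does with it.
        $currAdmin = new Admin($row);

        // Load the administrator's current record on every request.
        $currAdmin->getObjByID($_SESSION['AID'], "AID", "Admin");
        // Module permissions of this administrator.
        $ACPowers = $currAdmin->CPower();

        // Resolved path of the running script. realpath() returns false on failure, and a
        // false here must never compare equal to a permission entry that also fails to
        // resolve.
        $scriptPath = realpath($_SERVER['SCRIPT_FILENAME']);

        // left.php is always allowed; so is any administrator with all 11 low Power bits set.
        if(preg_match('/left\.php/',$_SERVER['SCRIPT_NAME']) || ($currAdmin->Power & 2047) == 2047)
        {
            $hasP = true;
        }
        // Template pages require Power bit 16.
        if(preg_match('/template(List)?\.php/',$_SERVER['SCRIPT_NAME']) && ($currAdmin->Power & 16) == 16)
        {
        	$hasP = true;
        }
        // Template-field pages require Power bit 32.
        if(preg_match('/field(List)?\.php/',$_SERVER['SCRIPT_NAME']) && ($currAdmin->Power & 32) == 32)
        {
        	$hasP = true;
        }

        // Grant access when the running script is one of the module URLs, either exactly
        // or as the "_" variant of a "List_" URL.
        if(is_array($ACPowers) && $ACPowers && !$hasP && $scriptPath !== false)
        {
            foreach($ACPowers as $acpower)
            {
            	if($acpower['MUrl'])
            	{
            		$acpower['MUrl'] = str_replace(BIN_URL,basename(BIN_URL), $acpower['MUrl']);
            	}
                if(realpath(EXE_ROOT.'/'.$acpower['MUrl']) === $scriptPath)
                {
                    $hasP = true;
                    break;
                }
                if(realpath(EXE_ROOT.'/'.str_replace("List_","_",$acpower['MUrl'])) === $scriptPath)
                {
                    $hasP = true;
                    break;
                }
            }
        }

        // Second permission list, stored serialized on the administrator record.
        // NOTE(review): unserialize() can instantiate arbitrary classes. This is only
        // acceptable if TPower can never hold attacker-controlled bytes; confirm how it is
        // written, or migrate the column to JSON.
        $ATPowers = unserialize($currAdmin->TPower);
        if(is_array($ATPowers) && $ATPowers && !$hasP && $scriptPath !== false)
        {
            foreach($ATPowers as $atpower)
            {
            	if($atpower['MUrl'])
            	{
            		$atpower['MUrl'] = str_replace(BIN_URL,basename(BIN_URL), $atpower['MUrl']);
            	}
                if(realpath(EXE_ROOT.'/'.$atpower['MUrl']) === $scriptPath)
                {
                    $hasP = true;
                    break;
                }
                if(realpath(EXE_ROOT.'/'.str_replace("List_","_",$atpower['MUrl'])) === $scriptPath)
                {
                    $hasP = true;
                    break;
                }
            }
        }

        // Files under a /bg/ directory are not permission-checked.
        // NOTE(review): this grants every logged-in administrator every script whose path
        // contains "/bg/"; confirm that is intended.
        if( preg_match('#/bg/#',$_SERVER['SCRIPT_NAME'] ) ) $hasP = true;

        // NOTE(review): enforcement is disabled below, so $hasP is computed but never acted
        // on in this file. Unless each page checks $hasP itself, any logged-in
        // administrator can reach any page. Re-enable only after verifying the permission
        // data, and stop the request after alert().
//        if(!$hasP)
//                alert("没有权限");   // message text: "No permission"
}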
?>
